The Asia-Pacific region is undergoing a profound digital transformation, creating vast economic opportunities and reshaping various sectors. But this rapid shift also underscores the critical need for robust cybersecurity and data governance frameworks to build trust, foster financial inclusion, and ensure resilient and sustainable development.

Threats are escalating, with the average corporate cost of a data breach in Asean and India hitting record highs of US$3.23 million and US$2.35 million, respectively, in 2024, a 6-7% increase from the previous year, according to a report from the Asian Development Bank ( ADB ). This surge is attributed to rapid technology adoption without sufficient security, low user awareness, and the shift to hybrid working models.

Small and medium-sized enterprises ( SMEs ) are particularly vulnerable due to their limited resources and are often unable to recover from cyberattacks. Governments are responding by enacting laws, such as Singapore’s 2024 amendment to its Cybersecurity Act to enhance critical digital infrastructure security and mandate wider incident reporting, and Thailand’s Cybersecurity Act of 2019, which requires risk assessments and security controls. These measures are vital, as concerns over cybersecurity and data privacy can erode public trust, increasing digital divides.

Alongside cybersecurity, data governance frameworks are advancing at an uneven pace across Asia. While a quarter of countries in the region have achieved Generation 4 regulatory maturity in ICT, two-thirds remain at lower levels, and the region lags the global average in legal instruments for both ICT and digital markets, based on a report by the International Telecommunication Union. Data privacy is a key focus, with economies like Indonesia implementing regulations that mandate explicit consent for data collection, robust security measures, and breach reporting.

The rise of fintech and digital banking platforms, with digital banks tripling customer bases compared to traditional banks, underscores the urgency of sound data governance. Regulations, such as open banking mandates, are pushing banks to allow customer data sharing via application programming interfaces ( APIs ), as seen in Australian banks revisiting their strategies to master data aggregation. However, challenges persist, notably the potential for large technology companies to hinder market competition by exploiting dominant positions and restricting data sharing, alongside the risk of algorithmic errors stemming from biased training datasets.

To navigate these complexities, Asian economies are adopting integrated policy packages centred on overarching national digital strategies that embed inclusion and sustainability. These strategies facilitate cross-ministerial coordination and guide resource allocation, aiming to leverage digital transformation for broader societal benefits.

Regulatory measures are not only safeguarding cybersecurity and data privacy but also fostering market competition, as exemplified by India’s Digital Competition Law of 2024, which aims to curb unfair practices by large tech firms and support SMEs. India’s Digital Public Infrastructure has been cited by the ADB as a model for public-private collaboration in scaling inclusive digital solutions. These comprehensive efforts are essential to ensure that the ongoing digital transformation truly serves all citizens and mitigates inherent risks.